diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..06ff060 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,16 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: / + schedule: + interval: weekly + groups: + docker-actions: + patterns: + - "docker/*" + actions-org: + patterns: + - "actions/*" + commit-message: + prefix: chore + include: scope diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml index 486f99d..25ee290 100644 --- a/.github/workflows/build-images.yml +++ b/.github/workflows/build-images.yml @@ -27,12 +27,12 @@ jobs: builds: ${{ steps.list.outputs.builds }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Get changed files id: changed if: github.event_name == 'push' - uses: tj-actions/changed-files@v44 + uses: tj-actions/changed-files@2d756ea4c53f7f6b397767d8723b3a10a9f35bf2 # v44.0.0 - name: Build matrix id: list @@ -157,22 +157,22 @@ jobs: build: ${{ fromJson(needs.detect.outputs.builds) }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Log in to Docker Hub - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2 with: context: ./${{ matrix.build.context }} target: ${{ matrix.build.target }} diff --git a/.github/workflows/copilot-sandbox.yml b/.github/workflows/copilot-sandbox.yml index 3a74757..ed696c0 100644 --- a/.github/workflows/copilot-sandbox.yml +++ b/.github/workflows/copilot-sandbox.yml @@ -21,16 +21,16 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Log in to GitHub Container Registry - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -38,7 +38,7 @@ jobs: - name: Extract metadata id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: images: ${{ env.IMAGE_NAME }} tags: | @@ -46,7 +46,7 @@ jobs: type=sha,prefix=,format=short - name: Build and push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2 with: context: ./copilot-sandbox platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 160b905..fbba5bc 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -13,11 +13,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Get changed variants.yaml files id: changed - uses: tj-actions/changed-files@v44 + uses: tj-actions/changed-files@2d756ea4c53f7f6b397767d8723b3a10a9f35bf2 # v44.0.0 with: files: '*/*/variants.yaml'